CLAIMS: 



1 . (Currently amended) A method for managing multiple user identities for a user of 
an electronic commerce (e-commerce) site, the method comprising: 

defining the e-commerce site as one or moro a plurality of security domains; and 
in response to a user's request to invoke an operation of the e-commerce site: 

determining a [[one]] security domain of the one or mor e plurality of 
security domains to which the operation relates; 

selecting a session from a plurality of sessions persisted for the user based 
on the determined security domain; and 

p e rforming one of a) cr e ating a session and b) reusing [[a]] the selected 
session for the user automatically in accordance with the 
determined security domain, [[said]] the selected session being 
associated with a user identity and a role , the user identity and the 
role together indicating privileges for invoking operations of the e- 
commerce site in at l e ast the determined security domain^-and 

p e rsisting said session for reuse . 

2. (Currently amended) The method of claim 1 comprising invoking [[said]] the 
requested operation with [[said]] the user identity and the role of [[said]] the selected 
session. 

3. (Currently amended) The method of claim 2 wherein the selected session 
comprises information indicating at least one of: the user preference's for invoking 
operations at the e-commerce site; the user's preferences for invoking operations at [[at]] 
least for the determined security domain; and a security signature for authenticating the 
selected session information. 

4. (Currently amended) The method of claim 1 comprising evaluating the requested 
operation to determine an operation type and wherein [[said]] the step of performing 
reusing is performed in accordance with the operation type. 
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5. (Canceled) 



6. (Currently amended) The method of claim 4 wherein [[said]] the user identity is 
associated with an identity type for permitting the invocation of operations; wherein 
[[said]] the method comprises receiving the user's request in association with one or more 
the plurality of sessions persisted for the user and retrieving [[a]] the user identity for the 
determined security domain from said on e or more the plurality of sessions: and wherein 
said performing the step of reusing is performed in response to the identity type of the 
retrieved user identity. 

7. (Currently amended) The method of claim 1 wherein [[said]] the step of 
persisting selecting comprises providing one or more cookies defining the selected 
session to the user for associating with a subsequent request. 

8. (Currently amended) The method of claim [[6]] 7 wherein the cookies comprise 
an authentication cookie and a session cookie; and wherein the method comprises 
authenticating the user's request. 

9. (Currently amended) The method of claim 1 comprising: 

defining each of the on e or more plurality of security domains as a hierarchy of 
organizations and assets owned by the organizations; and 

wherein [[said]] the step of determining [[a one]] the security domain of the one 
or mor e plurality of security domains to which the operation relates comprises evaluating 
the user's request in accordance with the hierarchy. 

10. (Currently amended) A computer program product having a computer readable 
medium tangibly embodying computer executable code for managing multiple user 
identities for a user of an electronic commerce (e-commerce) site defined using one or 
mere the plurality of security domains, wherein the computer program product 
comprising executable code , when executed on a computing device, causes the 
computing device to [[for]]: 
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in response to a user's request to invoke an operation of the e-commerce site: 



session for the user automatically in accordance with the 
determined security domain, [[said]] the selected session being 
associated with a user identity and a role , the user identity and the 
role together indicating privileges for invoking operations of the e- 
commerce site in at l e ast the determined security domainrand 
persisting said s e ssion for r e use . 



10 comprising code for invoking [[said]] the requested operation with [[said]] the user 
identity and the role of [[said]] the selected session. 

12. (Currently amended) The computer program product readable medium of claim 

1 1 wherein the selected session comprises information indicating at least one of: the user 
preference's for invoking operations at the e-commerce site; the user's preferences for 
invoking operations at [[at]] least for the determined security domain; and a security 
signature for authenticating the selected session information. 

1 3 . (Currently amended) The computer program product readable medium of claim 
10 comprising code for evaluating the requested operation to determine an operation type 
and wherein [[said]] the code for performing reusing is adapted to be performed in 
accordance with the operation type. 

14. (Canceled) 




1 . (Currently amended) The computer 




readable medium of claim 
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15. (Currently amended) The computer program product readable medium of claim 
13 wherein [[said]] the user identity is associated with an identity type for permitting the 
invocation of operations; wherein [[said]] the computer program product comprises code 
for receiving the user's request in association with one or more plurality of sessions 
persisted for the user and retrieving [[a]] the user identity for the determined security 
domain from said on e or mor e the plurality of sessions; and wherein [[said]] the code for 
performing reusing is adapted to be performed in response to the identity type of the 
retrieved user identity. 

16. (Currently amended) The computer program product readable medium of claim 
10 wherein [[said]] the code for p e rforming reusing comprises code for providing one or 
more cookies defining the selected session to the user for associating with a subsequent 
request. 

17. (Currently amended) The computer program product readable medium of claim 
16 wherein the cookies comprise an authentication cookie and a session cookie; and 
wherein the computer program product comprises code for authenticating the user's 
request. 

18. (Currently amended) The computer program product readable medium of claim 
10 comprising code for: 

defining each of the on e or mor e plurality of security domains as a hierarchy of 
organizations and assets owned by the organizations; and 

wherein [[said]] the code for determining [[a one]] the security domain of the one 
or more plurality of security domains to which the operation relates is adapted to evaluate 
the user's request in accordance with the hierarchy. 

19. (Currently amended) A system for managing multiple user identities for a user of 
an electronic commerce (e-commerce) site defined using one or more a plurality of 
security domains, the system comprising: 
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an identity manager component configured to, in response to a user's request to 
invoke an operation of the e-commerce site: 

determine a [[one]] security domain of the one or mor e plurality of 
security domains to which the operation relates; 

select a session from a plurality of sessions persisted for the user based on 
the determined security domain; and 

p e rform on e of a) cr e ating a session and b) r e using reuse [[a]] the selected 
session for the user automatically in accordance with the 
determined security domain, [[said]] the selected session being 
associated with a user identity and a role , the user identity and the 
role together indicating privileges for invoking operations of the e- 
commerce site in at least the determined security domaim-and 

p e rsist said session for r e use . 

20. (Currently amended) The system of claim 1 9 wherein the identity manager 
component is adapted to invoke [[said]] the requested operation with [[said]] the user 
identity and the role of [[said]] the selected session. 

2 1 . (Currently amended) The system of claim 20 wherein the selected session 
comprises information indicating at least one of: the user preference's for invoking 
operations at the e-commerce site; the user's preferences for invoking operations at [[at]] 
least for the determined security domain; and a security signature for authenticating the 
selected session information. 

22. (Currently amended) The system of claim 19 wherein the identity manager 
component is configured to evaluate the requested operation to determine an operation 
type and adapted to p e rform said on e of a) creating and b) reusing reuse the selected 
session in accordance with the operation type. 

23. (Canceled) 
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24. (Currently amended) The system of claim 22 wherein [[said]] the user identity is 
associated with an identity type for permitting the invocation of operations; wherein 
[[said]] the identity manager component is adapted to receive the user's request in 
association with one or mor e the plurality of sessions persisted for the user and retrieve 
[[a]] the user identity for the determined security domain from said on e or mor e the 
plurality of sessions; and wherein [[said]] the identity manager component is adapted to 
perform said one of a) cr e ating and b) reusing reuse the selected session in response to 
the identity type of the retrieved user identity. 

25. (Currently amended) The system of claim 19 wherein to persist said select the 
selected session [[said]] the identity manager component provides one or more cookies 
defining the selected session to the user for associating with a subsequent request. 

26. (Currently amended) The system of claim [[26]] 25 wherein the cookies comprise 
an authentication cookie and a session cookie; and wherein the identity manager 
component authenticates the user's request. 

27. (Currently amended) The system of claim 19 wherein the e-commerce site [[is]] 
defines each of the on e or mor e plurality of security domains as a hierarchy of 
organizations and assets owned by the organizations; and wherein [[said]] the identity 
manager component is adapted to determine [[a one]] the security domain of the one or 
mere plurality of security domains to which the operation relates by evaluating the user's 
request in accordance with the hierarchy. 
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